Re: Problem with authentication using DefaultCredentials
From: Peter Kelcey (Peter.Kelcey_at_telus.com)
Date: 11/15/05
- Next message: [MSFT]: "RE: HttpClientCertificate"
- Previous message: [MSFT]: "Re: Forms Authentication"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: Problem with authentication using DefaultCredentials"
- Next in thread: elora_c_at_yahoo.com: "Re: Problem with authentication using DefaultCredentials"
- Reply: elora_c_at_yahoo.com: "Re: Problem with authentication using DefaultCredentials"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 14 Nov 2005 20:18:18 -0800
Carole,
What I noticed first in your post is that you said you put the
<identity impersonate="true"> in the web.config of the web services
project. However, you do not actually need any impersonation within
that project. Where you need the impersonation is in the web
application project. By default ASP.NET web applications do not perform
impersonations and as a result when you retrieve the DefaultCredentials
you will be given the ASPNET proccess account instead of your account.
If you put the impersonate identity in the web project, you should be
able to pickup the proper credentials and your web service will be able
to perform the authorization against those.
The flow of events would be like the following:
1) The user is authenticated against your web application
2) The web application impersonates the windows account and causes all
code to run within this security context
3) You retrieve the defaultcredentials (which will now be your account)
4) The credentials are forward as part of your web service call
5) The web service authenticates, authorizes and runs (no ipersonation
required)
Also, you didn't make any mention of it, but I'm assuming you put the
proper <allow> tags in the authorization section of your web service's
web.config to give your user permission to access the service.
Hope that helps
Peter Kelcey
- Next message: [MSFT]: "RE: HttpClientCertificate"
- Previous message: [MSFT]: "Re: Forms Authentication"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: Problem with authentication using DefaultCredentials"
- Next in thread: elora_c_at_yahoo.com: "Re: Problem with authentication using DefaultCredentials"
- Reply: elora_c_at_yahoo.com: "Re: Problem with authentication using DefaultCredentials"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
